<?php
header("Content-Type:text/html; charset=utf-8");
include_once('../inc/init.php');
include_once('../inc/cache.php');
include_once('inc/adminfun.php');
if(!isAdmin()){
	exit("请登录");
}

$action=strFilter($_GET['action']);
switch($action){
	case "savegroups":
		try{
			$groups_groupname=$_POST['groups_groupname'];
			$groups_marklower=$_POST['groups_marklower'];
			$groups_markhigher=$_POST['groups_markhigher'];
			$groups_starnum=$_POST['groups_starnum'];
			$groups_color=$_POST['groups_color'];

			if(is_array($groups_groupname)) {
				if(count($groups_groupname)>80){
					echo("最多使用80个普通组。");
					return;
				}

				$clearobj['groupname']='';
				$clearobj['marklower']='0';
				$clearobj['markhigher']='0';
				$clearobj['starnum']='0';
				$clearobj['color']='0';
				$db->row_update("groups",$clearobj,"groupid<=80");

				foreach($groups_groupname as $key=>$group_groupname){
					
					$groupobj['groupname']=$groups_groupname[$key];
					$groupobj['marklower']=$groups_marklower[$key];
					$groupobj['markhigher']=$groups_markhigher[$key];
					$groupobj['starnum']=$groups_starnum[$key];
					$groupobj['color']=$groups_color[$key];
					$db->row_update("groups",$groupobj,"groupid=".($key+1));
				}
			}else{
				echo("参数错误。");
				return;
			}
			writeGroupsCache();
			echo("y");
		}catch(Exception $e){
			echo($e);
		}
	break;

	case "savegroups2":
		try{
			$groups=$_POST['groups'];
			if(is_array($groups)) {
				foreach($groups as $group){
					$db->row_update("groups",$group,"id={$group['id']}");
				}
			}
			$rows=$db->row_select("groups","",0,"groupid,groupname,popedom,starnum","groupid");
			$groups=array();
			foreach($rows as $row){
				$groups["{$row['groupid']}"]=$row;
			}
			writeGroupsCache();
			echo("y");
		}catch(Exception $e){
			echo($e);
		}
	break;
	
	case "verify":
		try{
			$doaction=$_POST['doaction'];
			$verifydesc=$_POST['verifydesc'];
			if(is_array($doaction)) {
				foreach($doaction as $id => $value) {
					$value=numFilter($value);
					$users['verifydesc'] = $verifydesc[$id];
					
					if($value==1){
						//审核通过
						$users['groupid'] = 1;
						$db->row_update("users",$users,"id={$id}");
					}elseif($value==2){
						//否决
						$users['groupid'] = GROUP_VERIFYFAILED;
						$db->row_update("users",$users,"id={$id}");
					}elseif($value==3){
						//删除
						$db->row_delete("users","id={$id}");
					}else{
						//忽略
					}
					
				}
			}
			echo("y");
		}catch(Exception $e){
			echo($e);
		}
	break;
		
	case "delusers":
		try{
			$deluid=$_POST['deluid'];
			if(is_array($deluid)) {
				foreach($deluid as $uid) {
					//1.删除回帖 posts
					$db->row_delete("posts","tid in (select id from `{$db->pre}topics` where userid={$uid})");	//删除别人的回帖
					$db->row_delete("posts","userid={$uid}");	//删除自己的回帖
					//2.删除帖子 topics
					$db->row_delete("topics","userid={$uid}");
					//3.删除站内短信 msgs
					$db->row_delete("msgs","fromuserid={$uid} or touserid={$uid}");
					//4.删除friends
					$db->row_delete("friends","userid={$uid} or friid={$uid}");
					//5.删除invite
					$db->row_delete("invite","fromuserid={$uid} or touserid={$uid}");
					//6.删除online
					$db->row_delete("online","userid={$uid}");
					//7.删除fans
					$db->row_delete("fans","userid={$uid} or fanid={$uid}");
					//8.删除users
					$db->row_delete("users","id={$uid}");
					//9.删除attachments
					$attrows=$db->row_select("attachments","userid={$uid}");
					foreach($attrows as $row){
						$filepath="../uploadfile/attachment/".$row['filepath'];
						if(file_exists($filepath)){
							@unlink($filepath);
						}
						$db->row_delete("attachments","id={$row['id']}");
					}
					
				}
			}
			echo("y");
		}catch(Exception $e){
			echo($e);
		}
	break;
		

	case "savepopedom":
		$groupid=numFilter($_GET['groupid']);
		$popedom=$_POST['popedom'];
		if(is_array($popedom) && count($popedom)==18){
			$str=implode("|",$popedom);
			$g['popedom']=$str;
			$db->row_update("groups",$g,"groupid={$groupid}");

			$rows=$db->row_select("groups","",0,"groupid,groupname,popedom,starnum");
			$groups=array();
			foreach($rows as $row){
				$groups["{$row['groupid']}"]=$row;
			}
			writeGroupsCache();
				
			echo("y");
		}
		else{
			echo("传入参数错误");
		}
	break;

	

	case "edituser":
		$uid=numFilter($_GET['uid']);
		$user=$_POST['user'];
		$deluserpic=$_POST['deluserpic'];
		
		if(!empty($deluserpic)){
			$userpic_big = INC_P."/../uploadfile/userpic/big/{$uid}.jpg";
			if(file_exists($userpic_big)){
				unlink($userpic_big);
			}
			$userpic_small = INC_P."/../uploadfile/userpic/small/{$uid}.jpg";
			if(file_exists($userpic_small)){
				unlink($userpic_small);
			}
			$userpic_origin = INC_P."/../uploadfile/userpic/origin/{$uid}.jpg";
			if(file_exists($userpic_origin)){
				unlink($userpic_origin);
			}
			
		}
		if($uid==0||!is_array($user)){
			echo("非法操作");
			return;
		}
		if(empty($user['userpass'])){
			unset($user['userpass']);
		}else{
			$user['userpass']=encrypt($user['username'],$user['userpass']);
		}
		$user['signuptime']=strtotime($user['signuptime'])-$cache_settings['timeoffset']*3600;
		$user['logintime']=strtotime($user['logintime'])-$cache_settings['timeoffset']*3600;
		$db->row_update("users",$user,"id={$uid}");
		echo("y");
	break;

	
	case "editusergroup":
		$uid=numFilter($_GET['uid']);
		$groupid=numFilter($_POST['groupid']);
		if($uid==0||$groupid==0){
			exit("非法操作");
		}
		$user['groupid']=$groupid;
		if($groupid==-1){
			$row=$db->row_select_one("users","id={$uid}");
			if(empty($row)){
				exit("用户不存在");
			}
			$allmark=getAllCredits($cache_settings['creditsexpression'], $row);
			$row_group=$db->row_select_one("groups","({$allmark} BETWEEN marklower AND markhigher) and (groupid BETWEEN 1 AND 80)");
			if(empty($row_group)){
				$user['groupid']=1;
			}else{
				$user['groupid']=$row_group['groupid'];
			}
		}

		$db->row_update("users",$user,"id={$uid}");
		echo("y");
	break;

	
	case "adduser":
		$user=$_POST['user'];
		if(empty($user['username'])||empty($user['userpass'])||empty($user['email'])){
			echo("用户资料不完整");
			return;
		}
		$row=$db->row_select_one("users","username='{$user['username']}'");
		if(!empty($row)){
			echo("用户名已经被使用");
			return;
		}
		$user['userpass']=encrypt($user['username'],$user['userpass']);
		$user['signuptime']=time();
		$user['signupip'] = getIP();
		$user['groupid'] = 1;
		$user['lastlogintime']=time();
		$db->row_insert("users",$user);
		echo("y");
	break;

	
	
	
	default:
		echo"No Such Action";
	break;
}

?>
